ARG REPOSITORY=neondatabase ARG IMAGE=build-tools ARG TAG=pinned ARG BUILD_TAG ######################################################################################### # # Layer "build-deps" # ######################################################################################### FROM debian:bullseye-slim AS build-deps RUN apt update && \ apt install -y git autoconf automake libtool build-essential bison flex libreadline-dev \ zlib1g-dev libxml2-dev libcurl4-openssl-dev libossp-uuid-dev wget pkg-config libssl-dev \ libicu-dev libxslt1-dev liblz4-dev libzstd-dev zstd ######################################################################################### # # Layer "pg-build" # Build Postgres from the neon postgres repository. # ######################################################################################### FROM build-deps AS pg-build COPY "vendor/postgres-v14" /postgres-v14 COPY "vendor/postgres-v15" /postgres-v15 COPY "vendor/postgres-v16" /postgres-v16 RUN for pg_version in v14 v15 v16; do \ install_dir="/postgres-$pg_version"; \ cd "$install_dir"; \ prefix="/usr/local/pgsql-${pg_version}"; \ export CONFIGURE_CMD="./configure --prefix ${prefix} CFLAGS='-O2 -g3' --enable-debug --with-openssl --with-uuid=ossp \ --with-icu --with-libxml --with-libxslt --with-lz4" && \ if [ "${pg_version}" != "v14" ]; then \ # zstd is available only from PG15 export CONFIGURE_CMD="${CONFIGURE_CMD} --with-zstd"; \ fi && \ eval $CONFIGURE_CMD && \ make MAKELEVEL=0 -j $(getconf _NPROCESSORS_ONLN) -s install && \ make MAKELEVEL=0 -j $(getconf _NPROCESSORS_ONLN) -s -C contrib/ install && \ # Install headers make MAKELEVEL=0 -j $(getconf _NPROCESSORS_ONLN) -s -C src/include install && \ make MAKELEVEL=0 -j $(getconf _NPROCESSORS_ONLN) -s -C src/interfaces/libpq install && \ extension_dir="${prefix}/share/extension" && \ # Enable some of contrib extensions echo 'trusted = true' >> $extension_dir/autoinc.control && \ echo 'trusted = true' >> $extension_dir/bloom.control && \ echo 'trusted = true' >> $extension_dir/earthdistance.control && \ echo 'trusted = true' >> $extension_dir/insert_username.control && \ echo 'trusted = true' >> $extension_dir/intagg.control && \ echo 'trusted = true' >> $extension_dir/moddatetime.control && \ echo 'trusted = true' >> $extension_dir/pg_stat_statements.control && \ echo 'trusted = true' >> $extension_dir/pgrowlocks.control && \ echo 'trusted = true' >> $extension_dir/pgstattuple.control && \ echo 'trusted = true' >> $extension_dir/refint.control && \ echo 'trusted = true' >> $extension_dir/xml2.control && \ # We need to grant EXECUTE on pg_stat_statements_reset() to neon_superuser. # In vanilla postgres this function is limited to Postgres role superuser. # In neon we have neon_superuser role that is not a superuser but replaces superuser in some cases. # We could add the additional grant statements to the postgres repository but it would be hard to maintain, # whenever we need to pick up a new postgres version and we want to limit the changes in our postgres fork, # so we do it here. old_list="pg_stat_statements--1.0--1.1.sql pg_stat_statements--1.1--1.2.sql pg_stat_statements--1.2--1.3.sql pg_stat_statements--1.3--1.4.sql pg_stat_statements--1.4--1.5.sql pg_stat_statements--1.4.sql pg_stat_statements--1.5--1.6.sql"; \ # the first loop is for pg_stat_statement extension version <= 1.6 for file in $prefix/share/extension/pg_stat_statements--*.sql; do \ filename=$(basename "$file"); \ if echo "$old_list" | grep -q -F "$filename"; then \ echo 'GRANT EXECUTE ON FUNCTION pg_stat_statements_reset() TO neon_superuser;' >> $file; \ fi; \ done; \ # the second loop is for pg_stat_statement extension versions >= 1.7, # where pg_stat_statement_reset() got 3 additional arguments for file in $prefix/share/extension/pg_stat_statements--*.sql; do \ filename=$(basename "$file"); \ if ! echo "$old_list" | grep -q -F "$filename"; then \ echo 'GRANT EXECUTE ON FUNCTION pg_stat_statements_reset(Oid, Oid, bigint) TO neon_superuser;' >> $file; \ fi; \ done; \ # Go back to root dir from `/postgres-v` dir cd ..; \ done ######################################################################################### # # Layer "postgis-build" # Build PostGIS from the upstream PostGIS mirror. # ######################################################################################### FROM build-deps AS postgis-build COPY --from=pg-build /usr/local/pgsql-v14/ /usr/local/pgsql-v14/ COPY --from=pg-build /usr/local/pgsql-v15/ /usr/local/pgsql-v15/ COPY --from=pg-build /usr/local/pgsql-v16/ /usr/local/pgsql-v16/ RUN apt update && \ apt install -y cmake gdal-bin libboost-dev libboost-thread-dev libboost-filesystem-dev \ libboost-system-dev libboost-iostreams-dev libboost-program-options-dev libboost-timer-dev \ libcgal-dev libgdal-dev libgmp-dev libmpfr-dev libopenscenegraph-dev libprotobuf-c-dev \ protobuf-c-compiler xsltproc # SFCGAL > 1.3 requires CGAL > 5.2, Bullseye's libcgal-dev is 5.2 RUN wget https://gitlab.com/Oslandia/SFCGAL/-/archive/v1.3.10/SFCGAL-v1.3.10.tar.gz -O SFCGAL.tar.gz && \ echo "4e39b3b2adada6254a7bdba6d297bb28e1a9835a9f879b74f37e2dab70203232 SFCGAL.tar.gz" | sha256sum --check && \ mkdir sfcgal-src && cd sfcgal-src && tar xvzf ../SFCGAL.tar.gz --strip-components=1 -C . && \ cmake -DCMAKE_BUILD_TYPE=Release . && make -j $(getconf _NPROCESSORS_ONLN) && \ DESTDIR=/sfcgal make install -j $(getconf _NPROCESSORS_ONLN) && \ make clean && cp -R /sfcgal/* / RUN wget https://download.osgeo.org/postgis/source/postgis-3.3.3.tar.gz -O postgis.tar.gz && \ echo "74eb356e3f85f14233791013360881b6748f78081cc688ff9d6f0f673a762d13 postgis.tar.gz" | sha256sum --check && \ mkdir postgis-src && cd postgis-src && tar xvzf ../postgis.tar.gz --strip-components=1 -C . && \ for pg_version in v14 v15 v16; do \ prefix="/usr/local/pgsql-${pg_version}/" ;\ find "$prefix" -type f | sed "s|^${prefix}||" > /before.txt &&\ export PATH="${prefix}/bin:$PATH" ;\ ./autogen.sh && \ ./configure --with-sfcgal=/usr/local/bin/sfcgal-config && \ make -j $(getconf _NPROCESSORS_ONLN) install && \ cd extensions/postgis && \ make clean && \ make -j $(getconf _NPROCESSORS_ONLN) install && \ extension_dir="$prefix/share/extension"; \ echo 'trusted = true' >> $extension_dir/postgis.control && \ echo 'trusted = true' >> $extension_dir/postgis_raster.control && \ echo 'trusted = true' >> $extension_dir/postgis_sfcgal.control && \ echo 'trusted = true' >> $extension_dir/postgis_tiger_geocoder.control && \ echo 'trusted = true' >> $extension_dir/postgis_topology.control && \ echo 'trusted = true' >> $extension_dir/address_standardizer.control && \ echo 'trusted = true' >> $extension_dir/address_standardizer_data_us.control && \ mkdir -p /extensions/postgis && \ cp $extension_dir/postgis.control /extensions/postgis && \ cp $extension_dir/postgis_raster.control /extensions/postgis && \ cp $extension_dir/postgis_sfcgal.control /extensions/postgis && \ cp $extension_dir/postgis_tiger_geocoder.control /extensions/postgis && \ cp $extension_dir/postgis_topology.control /extensions/postgis && \ cp $extension_dir/address_standardizer.control /extensions/postgis && \ cp $extension_dir/address_standardizer_data_us.control /extensions/postgis && \ cd ../.. ;\ done RUN wget https://github.com/pgRouting/pgrouting/archive/v3.4.2.tar.gz -O pgrouting.tar.gz && \ echo "cac297c07d34460887c4f3b522b35c470138760fe358e351ad1db4edb6ee306e pgrouting.tar.gz" | sha256sum --check && \ mkdir pgrouting-src && cd pgrouting-src && tar xvzf ../pgrouting.tar.gz --strip-components=1 -C . && \ mkdir build && cd build && \ cmake -DCMAKE_BUILD_TYPE=Release .. && \ make -j $(getconf _NPROCESSORS_ONLN) && \ make -j $(getconf _NPROCESSORS_ONLN) install && \ for pg_version in v14 v15 v16; do \ prefix="/usr/local/pgsql-${pg_version}/" ;\ extension_dir="$prefix/share/extension"; \ echo 'trusted = true' >> $extension_dir/pgrouting.control && \ find "$prefix" -type f | sed "s|^${prefix}||" > /after.txt &&\ cp $extension_dir/pgrouting.control /extensions/postgis && \ sort -o /before.txt /before.txt && sort -o /after.txt /after.txt && \ comm -13 /before.txt /after.txt | tar --directory=$prefix --zstd -cf /extensions/postgis.tar.zst -T - ;\ done